Login Disable Project: >> Login Disable Security Vulnerabilities
Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Disable: from 2.0.0 before 2.1.1.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-01-09
The Login Disable module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.2 for Drupal does not properly load the user_logout function, which allows remote attackers to bypass the logout protection mechanism by leveraging a contributed user authentication module, as demonstrated by the CAS and URL Login modules.
CVSS Score
7.5
EPSS Score
0.005
Published
2015-11-06